https://bz.apache.org/bugzilla/show_bug.cgi?id=60614
Bug ID: 60614
Summary: please document how to use JNDI datasource in
server.xml with GlobalNamingResources (after
CVE-2016-6797)
Product: Tomcat 8
Version: 8.5.9
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ----
until deb stable tc8.0.14 (till nov2016), the following server.xml worked
<Server...
<Service ...
<Connector...
<Engine..
<Realm .../>
<Host ...>
<Valve .../>
<Context ...
<Resource name="jdbc/x... />
<ResourceParams name="jdbc/x.../>
<Resource name="jdbc/y... />
<ResourceParams name="jdbc/y.../>
<Resource name="jdbc/z... />
<ResourceParams name="jdbc/z.../>
<Environment name="logging-context" .../>
</Context>
</Host>
<Host ...>
...
</Host>
</Engine>
</Service>
<Service>
...
</Service>
...
</Server>
After moving to 8.5.9, this no longer works (bug 60611).
I understand, that the above as per CVE-2016-6797 is no longer supposed to
work.
I tried to adapt as
<Server...
<Service ...
<Connector...
<Engine..
<Realm .../>
<Host ...>
<Valve .../>
<Context ...
<Environment name="logging-context" .../>
</Context>
</Host>
<Host ...>
...
</Host>
</Engine>
</Service>
<Service>
...
</Service>
...
<GlobalNamingResources>
<Resource name="jdbc/x... />
<ResourceParams name="jdbc/x.../>
<Resource name="jdbc/y... />
<ResourceParams name="jdbc/y.../>
<Resource name="jdbc/z... />
<ResourceParams name="jdbc/z.../>
</GlobalNamingResources>
</Server>
http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_9/java/org/apache/catalina/startup/Catalina.java
shows in createStartDigester() in the first position after "Server"
digester.addObjectCreate("Server/GlobalNamingResources",
"org.apache.catalina.deploy.NamingResourcesImpl");
but also
// Add RuleSets for nested elements
digester.addRuleSet(new
NamingRuleSet("Server/GlobalNamingResources/"));
so, it should be possible to also add it in the end?
http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_9/conf/server.xml
has a <GlobalNamingResources> element before the <Service> but after <Listener>
??? (and without <ResourceParams )
Please add corresponding hints to
1) https://tomcat.apache.org/tomcat-8.5-doc/config/index.html
2)
https://tomcat.apache.org/tomcat-8.5-doc/jndi-resources-howto.html#web.xml_configuration
3)
https://tomcat.apache.org/tomcat-8.5-doc/config/globalresources.html#Resource_Definitions
Too bad, there is no DTD for validation :( (bug 5145#c2 - >15yrs)
(the <GlobalNamingResources> exists since a while bug 33360)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
